Intrusion Detection and Prevention

The Network Box IDP (Intrusion Detection and Prevention) module integrated with the Firewall scans network traffic at the application level, and seamlessly blocks malicious behaviour with zero latency.

 

A comprehensive database of IDP signatures precisely matches and actively blocks known exploits. Protection against newly emerging threats is provided by a database of vulnerability-class based signatures and heuristic (expert system) anomaly-based behavioural analysis.

The Network Box IDP system is updated in real-time, using high speed PUSH Technology, from the global network of Network Box Operation Centres.

 

Features

  • Intrusion detection engine: Zero latency, hybrid, multi-level, tightly integrated with Firewall.
  • Action: Active (blocks network traffic) and / or passive (logs intrusion attempts)
  • Reporting: Real time (on demand), and periodic (summary) by SMTP e-mail
  • Types of intrusion detected: ICMP / IP, Denial of Service (DoS), portscans, protocol level, application level.
  • Just-In-time and heuristic engines: Used to block uncharacterised attacks before they have a signature.
  • Signatures: Depends on configuration, but normally in excess of 8,000 (IDS) / 350 (IDP)